There has been an interest in increasing communication using various networks. In particular, the term “internet of things” (IoT) has been used to refer to an extension of machine-to-machine (M2M) communication to a wider variety of devices, including for example household equipment such as washing machines or heating systems.
This increasing connectivity requires corresponding security, since it is undesirable to allow all users access to such devices.
A number of security options are possible. Firstly, where the local device communicates using a cellular M2M system, it is possible to add no further security, relying instead on the inherent security of the cellular communications system and securing only the network/internet end: the service provider can provide a secure connection to the internet.
The inherent security in cellular communications makes this approach suitable in some applications. However, the approach does not deal with the increasing prevalence of so-called “Internet of Things” (IoT) devices operating on Local Area Networks (LANs) which may be susceptible to attacks such as the spoofing of a device or a man-in-the-middle attack.
A second option for securing IoT devices is a network-wide key programmed at manufacturing into all devices on a network. This is simple to manage. Unfortunately, if the single key is compromised, all devices in the network are at risk.
A third option is a separate key programmed separately into each device at manufacturing, or later. This approach is hard to manage, but does have the advantage that if one device is compromised only that device is compromised.
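The trade-off between the second and third options can be made concrete with the following added example, which is not part of the original text. It assumes messages are authenticated with HMAC-SHA256 over the device identifier and payload; the device identifiers, class names and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def tag(key: bytes, device_id: str, payload: bytes) -> bytes:
    """HMAC-SHA256 over the length-prefixed device id and the payload."""
    ident = device_id.encode()
    msg = len(ident).to_bytes(2, "big") + ident + payload
    return hmac.new(key, msg, hashlib.sha256).digest()

class NetworkWideVerifier:
    """Second option: one key shared by every device on the network."""
    def __init__(self, key: bytes):
        self.key = key

    def accepts(self, device_id: str, payload: bytes, mac: bytes) -> bool:
        return hmac.compare_digest(tag(self.key, device_id, payload), mac)

class PerDeviceVerifier:
    """Third option: a key table with one entry per device."""
    def __init__(self, keys: dict):
        self.keys = dict(keys)

    def revoke(self, device_id: str) -> None:
        self.keys.pop(device_id, None)  # only this device stops being trusted

    def accepts(self, device_id: str, payload: bytes, mac: bytes) -> bool:
        key = self.keys.get(device_id)
        return key is not None and hmac.compare_digest(tag(key, device_id, payload), mac)

def exposed_ids(verifier, leaked_key: bytes, device_ids, payload=b"status=ok"):
    """Device ids the verifier would still accept from a holder of leaked_key."""
    return [d for d in device_ids
            if verifier.accepts(d, payload, tag(leaked_key, d, payload))]

# Constructed sample fleet; ids and keys are illustrative, not from the page.
DEVICES = ["washer-01", "heating-01", "heating-02"]
NETWORK_KEY = secrets.token_bytes(32)
DEVICE_KEYS = {d: secrets.token_bytes(32) for d in DEVICES}

if __name__ == "__main__":
    shared = NetworkWideVerifier(NETWORK_KEY)
    per_device = PerDeviceVerifier(DEVICE_KEYS)
    print("network-wide key leaked:", exposed_ids(shared, NETWORK_KEY, DEVICES))
    print("washer-01 key leaked:   ", exposed_ids(per_device, DEVICE_KEYS["washer-01"], DEVICES))
    per_device.revoke("washer-01")
    print("after revoking washer-01:", exposed_ids(per_device, DEVICE_KEYS["washer-01"], DEVICES))
```

The per-device verifier confines a leaked key to one identifier and lets that identifier be revoked alone, at the cost of provisioning and storing one key per device; recovering from a leaked network-wide key means re-keying every device.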
A fourth option is public key cryptography. This requires access to a certificate authority and imposes considerable overhead on the processor and network. This may be a problem for a very simple processor which may be used in IoT applications.
A further issue is that many designers of IoT products are not communications engineers and are focussed on aspects other than security.
There is therefore a need for a system and method for securing communications to a remote device.